Arch Linux

From Segfault
Jump to navigation Jump to search


Download an ISO image, verify its signature and its checksum:

$ sha1sum -c archlinux-2015.06.01-dual.iso.sha1
archlinux-2015.06.01-dual.iso: OK

$ gpg --recv-keys 9741E8AC
$ gpg --verify archlinux-2015.06.01-dual.iso{.sig,}

Booting the image will not enter an installation routine but will drop to a shell. Set a (root) password and enable sshd:

systemctl start sshd.service

If necessary, add a default route for internet access too:

ip route add default via

Add DNS information:

$ grep '^[a-z]' /etc/resolv.conf
search local

Now we should be able to login via SSH and continue with the installation. See the Installation guide for further steps.


If we decide for a GPT partitioning scheme[1]:

$ lsblk 
sda      8:0    0     4G  0 disk 
sr0     11:0    1   734M  0 rom  /run/archiso/bootmnt
loop0    7:0    0 317.8M  1 loop /run/archiso/sfs/airootfs

Note: since version 2.25, cfdisk also supports GPT. Let's use gdisk anyway for now:

$ gdisk /dev/sda
Command (? for help): o                                                     # create a new empty GUID partition table (GPT)
Command (? for help): n                                                     # add a new partition
Partition number (1-128, default 1): 
First sector (34-8388574, default = 2048) or {+-}size{KMGTP}: 
Last sector (2048-8388574, default = 8388574) or {+-}size{KMGTP}: +1M       # We need a 1 MB "BIOS boot partition" for GPT
Hex code or GUID (L to show codes, Enter = 8300): ef02
Changed type of partition to 'BIOS boot partition'

Command (? for help): n
Partition number (2-128, default 2):
First sector (34-8388574, default = 4096) or {+-}size{KMGTP}:
Last sector (4096-8388574, default = 8388574) or {+-}size{KMGTP}: -128M     # Use the the remaining disk space, minus 128 MB
Current type is 'Linux filesystem'
Hex code or GUID (L to show codes, Enter = 8300): 
Changed type of partition to 'Linux filesystem'

Command (? for help): n
Partition number (3-128, default 3): 
First sector (34-8388574, default = 8126464) or {+-}size{KMGTP}: 
Last sector (8126464-8388574, default = 8388574) or {+-}size{KMGTP}:        # Use the remaining disk space
Current type is 'Linux filesystem'
Hex code or GUID (L to show codes, Enter = 8300): 8200
Changed type of partition to 'Linux swap'

Command (? for help): p
Disk /dev/sda: 8388608 sectors, 4.0 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 7EE317A0-6C4F-4A93-B0E7-D03BFC83F283
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 8388574
Partitions will be aligned on 2048-sector boundaries
Total free space is 2047 sectors (1023.5 KiB)

Number  Start (sector)    End (sector)  Size       Code  Name
  1            2048            4095   1024.0 KiB  EF02  BIOS boot partition
  2            4096         8126430   3.9 GiB     8300  Linux filesystem
  3         8126464         8388574   128.0 MiB   8200  Linux swap

Command (? for help): w                                                     # write table to disk and exit

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING PARTITIONS!!

Do you want to proceed? (Y/N): Y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.

Note: the cgdisk routine would have been easier ;-)

File systems

Create file systems:

mkfs.jfs /dev/sda2                                           # See these notes for supported file systems
mkswap /dev/sda3

$ blkid -s TYPE
/dev/sda2: TYPE="jfs"
/dev/sda3: TYPE="swap"
/dev/sr0: TYPE="iso9660"
/dev/loop0: TYPE="squashfs"

Enable swap, mount file systems:

mount -t jfs /dev/sda2 /mnt
swapon /dev/sda3


Adjust mirror list:

cp /etc/pacman.d/mirrorlist mirrorlist.orig
grep -A1 United\ States mirrorlist.orig | sed 's/^--//' > /etc/pacman.d/mirrorlist            # Adjust as needed!

Install the base group:

$ pacstrap /mnt base
==> Creating install root at /mnt
==> Installing packages to /mnt

Generate an fstab:

genfstab -p /mnt >> /mnt/etc/fstab

chroot into the new installation:

arch-chroot /mnt

Configure more system settings:

echo arch0 > /etc/hostname
ln -sf /usr/share/zoneinfo/PST8PDT /etc/localtime

Install locales:

$ grep -v ^\# /etc/locale.gen
en_US.UTF-8 UTF-8  

$ locale-gen
Generating locales...
  en_US.UTF-8... done

$ echo LANG=en_US.UTF-8 > /etc/locale.conf


Configure & create initrd:

$ grep ^[A-Z] /etc/mkinitcpio.conf
HOOKS="base udev autodetect modconf block filesystems keyboard fsck"

$ mkinitcpio -p linux
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default'
 -> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux.img

Install the GRUB bootloader:

$ pacman -S grub
$ grub-install --recheck /dev/sda
Installing for i386-pc platform.
Installation finished. No error reported.

$ grub-mkconfig -o /boot/grub/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-linux
Found initrd image: /boot/initramfs-linux.img
Found fallback initramfs image: /boot/initramfs-linux-fallback.img


Create configuration file for netctl

$ cd /etc/netctl/
$ cp examples/ethernet-static enp0s3                             # Adjust the NIC name!

$ cat enp0s3 

$ netctl start enp0s3                                            # Running in chroot, ignoring request.
$ netctl enable enp0s3

Install OpenSSH:

pacman -S openssh
systemctl enable sshd.service
systemctl start sshd.service                                     # Running in chroot, ignoring request.

Enable pam_cracklib:

$ grep ^p /etc/pam.d/passwd 
password        required difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password        required sha512 shadow use_authtok

Set a password:

$ passwd 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

If all went well, the machine can be rebooted and should be installed now.


Install missing packages:

pacman -S --needed  arpwatch atop autossh bash-completion bc binutils checksec cronie cryptsetup dosfstools ecryptfs-utils git haveged hdparm iftop iotop iperf3 lsof make mlocate moreutils nfs-utils nftables nrpe openbsd-netcat p7zip pbzip2 pigz pv rsnapshot rsync screen smartmontools ssmtp strace sudo syslog-ng sysstat systemd-swap tcpdump unrar unzip vim vnstat w3m zstd

Enable various daemons as needed:

systemctl enable cronie.service haveged.service
systemctl start  cronie.service haveged.service



Since Arch Linux is using systemd, let's create an rc.local equivalent:

$ cat /etc/systemd/system/rc-local.service
Description=/etc/rc.local Compatibility

ExecStart=/etc/rc.local start


$ sudo systemctl enable rc-local.service

The file /etc/rc.local needs to be executable too. Example:

$ sudo chmod 0700 /etc/rc.local
$ cat /etc/rc.local
logger "$0: test"

$ sudo systemctl start rc-local.service
$ sudo journalctl -n 1
-- Logs begin at Wed 2015-10-07 11:51:19 PDT, end at Wed 2015-10-07 12:39:13 PDT. --
Oct 07 12:39:06 arch0 root[278]: /etc/rc.local: test


Install mlocate:

sudo pacman -S --needed mlocate

Enable the periodic updatedb generation:

$ cat /etc/cron.daily/updatedb
/usr/bin/sudo -u nobody /usr/bin/updatedb

Adjust the database directory, so updatedb doesn't need to be run as root:

chown -c nobody:locate /var/lib/mlocate/
chmod -c 2750 /var/lib/mlocate/


When installing a new kernel, the current (running) kernel including its modules are removed. To prevent that, a hook script[2] can be used:

git clone kmh-git
cd kmh-git
makepkg --syncdeps --clean --install

sudo systemctl daemon-reload
sudo systemctl enable linux-modules-cleanup


Arch Linux follows a rolling release model[3][4] and while an Arch system can be updated, there are no releases and the term upgrade may not apply.

Download fresh package databases from the server

pacman --sync --refresh --refresh                        # Short: pacman -Syy

Update installed packages:

pacman --sync --refresh --sysupgrade                     # Short: pacman -Syu